Skip to content

Security Alert Test #99

New issue
New issue
Closed
Closed
Security Alert Test#99
Assignees
homoluctus
Labels
testspecify the issue generated by testtrivyvulnerability
@github-actions

Description

@github-actions
github-actions
bot
opened on Jun 3, 2021

knqyf263/vuln-image (alpine 3.7.1) - Trivy Report - 2021-06-03T21:25:24.416449943Z

alpine
Package Vulnerability ID Severity Installed Version Fixed Version Links
curl CVE-2018-14618 CRITICAL 7.61.0-r0 7.61.1-r0 http://www.securitytracker.com/id/1041605 https://access.redhat.com/errata/RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2019:1880 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618 https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf https://curl.haxx.se/docs/CVE-2018-14618.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618 curl/curl#2756 https://linux.oracle.com/cve/CVE-2018-14618.html https://linux.oracle.com/errata/ELSA-2019-1880.html https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014 https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3765-1/ https://usn.ubuntu.com/3765-2/ https://usn.ubuntu.com/usn/usn-3765-1 https://usn.ubuntu.com/usn/usn-3765-2 https://www.debian.org/security/2018/dsa-4286
curl CVE-2018-16839 CRITICAL 7.61.0-r0 7.61.1-r1 http://www.securitytracker.com/id/1042012 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839 https://curl.haxx.se/docs/CVE-2018-16839.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839 curl/curl@f3a24d7 https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/usn/usn-3805-1 https://www.debian.org/security/2018/dsa-4331
curl CVE-2018-16840 CRITICAL 7.61.0-r0 7.61.1-r1 http://www.securitytracker.com/id/1042013 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16840 https://curl.haxx.se/docs/CVE-2018-16840.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840 curl/curl@81d135d https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/usn/usn-3805-1
curl CVE-2018-16842 CRITICAL 7.61.0-r0 7.61.1-r1 http://www.securitytracker.com/id/1042014 https://access.redhat.com/errata/RHSA-2019:2181 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842 https://curl.haxx.se/docs/CVE-2018-16842.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842 curl/curl@d530e92 https://linux.oracle.com/cve/CVE-2018-16842.html https://linux.oracle.com/errata/ELSA-2019-2181.html https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/3805-2/ https://usn.ubuntu.com/usn/usn-3805-1 https://usn.ubuntu.com/usn/usn-3805-2 https://www.debian.org/security/2018/dsa-4331 https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
curl CVE-2019-3822 CRITICAL 7.61.0-r0 7.61.1-r2 http://www.securityfocus.com/bid/106950 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822 https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf https://curl.haxx.se/docs/CVE-2019-3822.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822 https://linux.oracle.com/cve/CVE-2019-3822.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.gentoo.org/glsa/201903-03 https://security.netapp.com/advisory/ntap-20190315-0001/ https://security.netapp.com/advisory/ntap-20190719-0004/ https://support.f5.com/csp/article/K84141449 https://support.f5.com/csp/article/K84141449?utm_source=f5support&utm_medium=RSS https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
curl CVE-2019-5481 CRITICAL 7.61.0-r0 7.61.1-r3 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html https://curl.haxx.se/docs/CVE-2019-5481.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481 https://linux.oracle.com/cve/CVE-2019-5481.html https://linux.oracle.com/errata/ELSA-2020-1792.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/ https://seclists.org/bugtraq/2020/Feb/36 https://security.gentoo.org/glsa/202003-29 https://security.netapp.com/advisory/ntap-20191004-0003/ https://usn.ubuntu.com/usn/usn-4129-1 https://www.debian.org/security/2020/dsa-4633 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
curl CVE-2019-5482 CRITICAL 7.61.0-r0 7.61.1-r3 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html https://curl.haxx.se/docs/CVE-2019-5482.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482 https://linux.oracle.com/cve/CVE-2019-5482.html https://linux.oracle.com/errata/ELSA-2020-5562.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/ https://seclists.org/bugtraq/2020/Feb/36 https://security.gentoo.org/glsa/202003-29 https://security.netapp.com/advisory/ntap-20191004-0003/ https://security.netapp.com/advisory/ntap-20200416-0003/ https://usn.ubuntu.com/usn/usn-4129-1 https://usn.ubuntu.com/usn/usn-4129-2 https://www.debian.org/security/2020/dsa-4633 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
curl CVE-2018-16890 HIGH 7.61.0-r0 7.61.1-r2 http://www.securityfocus.com/bid/106947 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890 https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf https://curl.haxx.se/docs/CVE-2018-16890.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890 https://linux.oracle.com/cve/CVE-2018-16890.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.netapp.com/advisory/ntap-20190315-0001/ https://support.f5.com/csp/article/K03314397?utm_source=f5support&utm_medium=RSS https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
curl CVE-2019-3823 HIGH 7.61.0-r0 7.61.1-r2 http://www.securityfocus.com/bid/106950 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823 https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf https://curl.haxx.se/docs/CVE-2019-3823.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823 https://linux.oracle.com/cve/CVE-2019-3823.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.gentoo.org/glsa/201903-03 https://security.netapp.com/advisory/ntap-20190315-0001/ https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
expat CVE-2018-20843 HIGH 2.2.5-r0 2.2.7-r0 http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843 https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes libexpat/libexpat#186 libexpat/libexpat#262 libexpat/libexpat@11f8838 https://linux.oracle.com/cve/CVE-2018-20843.html https://linux.oracle.com/errata/ELSA-2020-4484.html https://lists.debian.org/debian-lts-announce/2019/06/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/ https://seclists.org/bugtraq/2019/Jun/39 https://security.gentoo.org/glsa/201911-08 https://security.netapp.com/advisory/ntap-20190703-0001/ https://support.f5.com/csp/article/K51011533 https://usn.ubuntu.com/4040-1/ https://usn.ubuntu.com/4040-2/ https://usn.ubuntu.com/usn/usn-4040-1 https://usn.ubuntu.com/usn/usn-4040-2 https://www.debian.org/security/2019/dsa-4472 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
expat CVE-2019-15903 HIGH 2.2.5-r0 2.2.7-r1 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html http://seclists.org/fulldisclosure/2019/Dec/23 http://seclists.org/fulldisclosure/2019/Dec/26 http://seclists.org/fulldisclosure/2019/Dec/27 http://seclists.org/fulldisclosure/2019/Dec/30 https://access.redhat.com/errata/RHSA-2019:3210 https://access.redhat.com/errata/RHSA-2019:3237 https://access.redhat.com/errata/RHSA-2019:3756 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903 libexpat/libexpat@c20b758 libexpat/libexpat#317 libexpat/libexpat#342 libexpat/libexpat#318 https://linux.oracle.com/cve/CVE-2019-15903.html https://linux.oracle.com/errata/ELSA-2020-4484.html https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/ https://seclists.org/bugtraq/2019/Dec/17 https://seclists.org/bugtraq/2019/Dec/21 https://seclists.org/bugtraq/2019/Dec/23 https://seclists.org/bugtraq/2019/Nov/1 https://seclists.org/bugtraq/2019/Nov/24 https://seclists.org/bugtraq/2019/Oct/29 https://seclists.org/bugtraq/2019/Sep/30 https://seclists.org/bugtraq/2019/Sep/37 https://security.gentoo.org/glsa/201911-08 https://security.netapp.com/advisory/ntap-20190926-0004/ https://support.apple.com/kb/HT210785 https://support.apple.com/kb/HT210788 https://support.apple.com/kb/HT210789 https://support.apple.com/kb/HT210790 https://support.apple.com/kb/HT210793 https://support.apple.com/kb/HT210794 https://support.apple.com/kb/HT210795 https://usn.ubuntu.com/4132-1/ https://usn.ubuntu.com/4132-2/ https://usn.ubuntu.com/4165-1/ https://usn.ubuntu.com/4202-1/ https://usn.ubuntu.com/4335-1/ https://usn.ubuntu.com/usn/usn-4132-1 https://usn.ubuntu.com/usn/usn-4132-2 https://usn.ubuntu.com/usn/usn-4165-1 https://usn.ubuntu.com/usn/usn-4202-1 https://usn.ubuntu.com/usn/usn-4335-1 https://www.debian.org/security/2019/dsa-4530 https://www.debian.org/security/2019/dsa-4549 https://www.debian.org/security/2019/dsa-4571 https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-15903 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
git CVE-2018-17456 CRITICAL 2.15.2-r0 2.15.3-r0 http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html http://www.securityfocus.com/bid/105523 http://www.securityfocus.com/bid/107511 http://www.securitytracker.com/id/1041811 https://access.redhat.com/errata/RHSA-2018:3408 https://access.redhat.com/errata/RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2018:3541 https://access.redhat.com/errata/RHSA-2020:0316 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456 git/git@1a7fd1f git/git@a124133 https://linux.oracle.com/cve/CVE-2018-17456.html https://linux.oracle.com/errata/ELSA-2020-0316.html https://marc.info/?l=git&m=153875888916397&w=2 https://public-inbox.org/git/xmqqy3bcuy3l.fsf@gitster-ct.c.googlers.com/ https://seclists.org/bugtraq/2019/Mar/30 https://usn.ubuntu.com/3791-1/ https://usn.ubuntu.com/usn/usn-3791-1 https://www.debian.org/security/2018/dsa-4311 https://www.exploit-db.com/exploits/45548/ https://www.exploit-db.com/exploits/45631/ https://www.openwall.com/lists/oss-security/2018/10/06/3
git CVE-2019-1353 CRITICAL 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353 GHSA-589j-mmg9-733v https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/T/#u https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1349 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://access.redhat.com/errata/RHSA-2020:0228 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349 GHSA-4qvh-qvv7-frc7 https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://linux.oracle.com/cve/CVE-2019-1349.html https://linux.oracle.com/errata/ELSA-2019-4356.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1349 https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1350 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1350 GHSA-44fr-r2hj-3f4x https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1350 https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://security.gentoo.org/glsa/202003-42 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1351 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1351 GHSA-39hj-fvvf-mq4f https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1351 https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1352 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://access.redhat.com/errata/RHSA-2020:0228 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352 GHSA-5wph-8frv-58vj https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://linux.oracle.com/cve/CVE-2019-1352.html https://linux.oracle.com/errata/ELSA-2019-4356.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1352 https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1354 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1354 GHSA-xjx4-8694-q2fq https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1354 https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1387 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://access.redhat.com/errata/RHSA-2019:4356 https://access.redhat.com/errata/RHSA-2020:0002 https://access.redhat.com/errata/RHSA-2020:0124 https://access.redhat.com/errata/RHSA-2020:0228 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387 GHSA-4wfr-gwrh-8mj2 https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://linux.oracle.com/cve/CVE-2019-1387.html https://linux.oracle.com/errata/ELSA-2020-0124.html https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP/ https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/T/#u https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://security.gentoo.org/glsa/202003-42 https://usn.ubuntu.com/usn/usn-4220-1
libbz2 CVE-2019-12900 CRITICAL 1.0.6-r6 1.0.6-r7 http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900 https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html https://seclists.org/bugtraq/2019/Aug/4 https://seclists.org/bugtraq/2019/Jul/22 https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS https://usn.ubuntu.com/4038-1/ https://usn.ubuntu.com/4038-2/ https://usn.ubuntu.com/4146-1/ https://usn.ubuntu.com/4146-2/ https://usn.ubuntu.com/usn/usn-4038-1 https://usn.ubuntu.com/usn/usn-4038-2 https://usn.ubuntu.com/usn/usn-4038-3 https://usn.ubuntu.com/usn/usn-4038-4 https://usn.ubuntu.com/usn/usn-4146-1 https://usn.ubuntu.com/usn/usn-4146-2 https://www.oracle.com/security-alerts/cpuoct2020.html
libcurl CVE-2018-16839 CRITICAL 7.61.1-r0 7.61.1-r1 http://www.securitytracker.com/id/1042012 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839 https://curl.haxx.se/docs/CVE-2018-16839.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839 curl/curl@f3a24d7 https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/usn/usn-3805-1 https://www.debian.org/security/2018/dsa-4331
libcurl CVE-2018-16840 CRITICAL 7.61.1-r0 7.61.1-r1 http://www.securitytracker.com/id/1042013 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16840 https://curl.haxx.se/docs/CVE-2018-16840.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840 curl/curl@81d135d https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/usn/usn-3805-1
libcurl CVE-2018-16842 CRITICAL 7.61.1-r0 7.61.1-r1 http://www.securitytracker.com/id/1042014 https://access.redhat.com/errata/RHSA-2019:2181 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842 https://curl.haxx.se/docs/CVE-2018-16842.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842 curl/curl@d530e92 https://linux.oracle.com/cve/CVE-2018-16842.html https://linux.oracle.com/errata/ELSA-2019-2181.html https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/3805-2/ https://usn.ubuntu.com/usn/usn-3805-1 https://usn.ubuntu.com/usn/usn-3805-2 https://www.debian.org/security/2018/dsa-4331 https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
libcurl CVE-2019-3822 CRITICAL 7.61.1-r0 7.61.1-r2 http://www.securityfocus.com/bid/106950 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822 https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf https://curl.haxx.se/docs/CVE-2019-3822.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822 https://linux.oracle.com/cve/CVE-2019-3822.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.gentoo.org/glsa/201903-03 https://security.netapp.com/advisory/ntap-20190315-0001/ https://security.netapp.com/advisory/ntap-20190719-0004/ https://support.f5.com/csp/article/K84141449 https://support.f5.com/csp/article/K84141449?utm_source=f5support&utm_medium=RSS https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
libcurl CVE-2019-5481 CRITICAL 7.61.1-r0 7.61.1-r3 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html https://curl.haxx.se/docs/CVE-2019-5481.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481 https://linux.oracle.com/cve/CVE-2019-5481.html https://linux.oracle.com/errata/ELSA-2020-1792.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/ https://seclists.org/bugtraq/2020/Feb/36 https://security.gentoo.org/glsa/202003-29 https://security.netapp.com/advisory/ntap-20191004-0003/ https://usn.ubuntu.com/usn/usn-4129-1 https://www.debian.org/security/2020/dsa-4633 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
libcurl CVE-2019-5482 CRITICAL 7.61.1-r0 7.61.1-r3 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html https://curl.haxx.se/docs/CVE-2019-5482.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482 https://linux.oracle.com/cve/CVE-2019-5482.html https://linux.oracle.com/errata/ELSA-2020-5562.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/ https://seclists.org/bugtraq/2020/Feb/36 https://security.gentoo.org/glsa/202003-29 https://security.netapp.com/advisory/ntap-20191004-0003/ https://security.netapp.com/advisory/ntap-20200416-0003/ https://usn.ubuntu.com/usn/usn-4129-1 https://usn.ubuntu.com/usn/usn-4129-2 https://www.debian.org/security/2020/dsa-4633 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
libcurl CVE-2018-16890 HIGH 7.61.1-r0 7.61.1-r2 http://www.securityfocus.com/bid/106947 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890 https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf https://curl.haxx.se/docs/CVE-2018-16890.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890 https://linux.oracle.com/cve/CVE-2018-16890.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.netapp.com/advisory/ntap-20190315-0001/ https://support.f5.com/csp/article/K03314397?utm_source=f5support&utm_medium=RSS https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
libcurl CVE-2019-3823 HIGH 7.61.1-r0 7.61.1-r2 http://www.securityfocus.com/bid/106950 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823 https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf https://curl.haxx.se/docs/CVE-2019-3823.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823 https://linux.oracle.com/cve/CVE-2019-3823.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.gentoo.org/glsa/201903-03 https://security.netapp.com/advisory/ntap-20190315-0001/ https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
libxml2 CVE-2018-14404 HIGH 2.9.7-r0 2.9.8-r1 https://access.redhat.com/errata/RHSA-2019:1543 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817 https://bugzilla.redhat.com/show_bug.cgi?id=1595985 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404 GHSA-6qvp-r6r3-9p7h sparklemotion/nokogiri#1785 https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74 https://gitlab.gnome.org/GNOME/libxml2/commit/a436374994c47b12d5de1b8b1d191a098fa23594 https://gitlab.gnome.org/GNOME/libxml2/issues/10 https://groups.google.com/forum/#!msg/ruby-security-ann/uVrmO2HjqQw/Fw3ocLI0BQAJ https://linux.oracle.com/cve/CVE-2018-14404.html https://linux.oracle.com/errata/ELSA-2020-1827.html https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html https://nvd.nist.gov/vuln/detail/CVE-2018-14404 https://security.netapp.com/advisory/ntap-20190719-0002/ https://usn.ubuntu.com/3739-1/ https://usn.ubuntu.com/3739-2/ https://usn.ubuntu.com/usn/usn-3739-1 https://usn.ubuntu.com/usn/usn-3739-2
musl CVE-2019-14697 CRITICAL 1.1.18-r3 1.1.18-r4 http://www.openwall.com/lists/oss-security/2019/08/06/4 https://security.gentoo.org/glsa/202003-13 https://www.openwall.com/lists/musl/2019/08/06/1
musl-utils CVE-2019-14697 CRITICAL 1.1.18-r3 1.1.18-r4 http://www.openwall.com/lists/oss-security/2019/08/06/4 https://security.gentoo.org/glsa/202003-13 https://www.openwall.com/lists/musl/2019/08/06/1
patch CVE-2018-1000156 HIGH 2.7.5-r2 2.7.6-r0 http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html http://rachelbythebay.com/w/2018/04/05/bangpatch/ https://access.redhat.com/errata/RHSA-2018:1199 https://access.redhat.com/errata/RHSA-2018:1200 https://access.redhat.com/errata/RHSA-2018:2091 https://access.redhat.com/errata/RHSA-2018:2092 https://access.redhat.com/errata/RHSA-2018:2093 https://access.redhat.com/errata/RHSA-2018:2094 https://access.redhat.com/errata/RHSA-2018:2095 https://access.redhat.com/errata/RHSA-2018:2096 https://access.redhat.com/errata/RHSA-2018:2097 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894667#19 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000156 https://linux.oracle.com/cve/CVE-2018-1000156.html https://linux.oracle.com/errata/ELSA-2018-1200.html https://lists.debian.org/debian-lts-announce/2018/04/msg00013.html https://rachelbythebay.com/w/2018/04/05/bangpatch/ https://savannah.gnu.org/bugs/index.php?53566 https://seclists.org/bugtraq/2019/Aug/29 https://seclists.org/bugtraq/2019/Jul/54 https://security.gentoo.org/glsa/201904-17 https://twitter.com/kurtseifried/status/982028968877436928 https://usn.ubuntu.com/3624-1/ https://usn.ubuntu.com/3624-2/ https://usn.ubuntu.com/usn/usn-3624-1 https://usn.ubuntu.com/usn/usn-3624-2
patch CVE-2018-6952 HIGH 2.7.5-r2 2.7.6-r0 http://www.securityfocus.com/bid/103047 https://access.redhat.com/errata/RHSA-2019:2033 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952 https://linux.oracle.com/cve/CVE-2018-6952.html https://linux.oracle.com/errata/ELSA-2019-2033.html https://savannah.gnu.org/bugs/index.php?53133 https://security.gentoo.org/glsa/201904-17
patch CVE-2019-13638 HIGH 2.7.5-r2 2.7.6-r0 http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html https://access.redhat.com/errata/RHSA-2019:2798 https://access.redhat.com/errata/RHSA-2019:2964 https://access.redhat.com/errata/RHSA-2019:3757 https://access.redhat.com/errata/RHSA-2019:3758 https://access.redhat.com/errata/RHSA-2019:4061 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638 https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0 https://github.com/irsl/gnu-patch-vulnerabilities https://linux.oracle.com/cve/CVE-2019-13638.html https://linux.oracle.com/errata/ELSA-2019-2964.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/ https://seclists.org/bugtraq/2019/Aug/29 https://seclists.org/bugtraq/2019/Jul/54 https://security-tracker.debian.org/tracker/CVE-2019-13638 https://security.gentoo.org/glsa/201908-22 https://security.netapp.com/advisory/ntap-20190828-0001/ https://usn.ubuntu.com/usn/usn-4071-1 https://usn.ubuntu.com/usn/usn-4071-2 https://www.debian.org/security/2019/dsa-4489
sqlite-libs CVE-2019-8457 CRITICAL 3.21.0-r1 3.25.3-r1 http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457 https://linux.oracle.com/cve/CVE-2019-8457.html https://linux.oracle.com/errata/ELSA-2020-1810.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/ https://security.netapp.com/advisory/ntap-20190606-0002/ https://usn.ubuntu.com/4004-1/ https://usn.ubuntu.com/4004-2/ https://usn.ubuntu.com/4019-1/ https://usn.ubuntu.com/4019-2/ https://usn.ubuntu.com/usn/usn-4004-1 https://usn.ubuntu.com/usn/usn-4004-2 https://usn.ubuntu.com/usn/usn-4019-1 https://usn.ubuntu.com/usn/usn-4019-2 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html https://www.sqlite.org/releaselog/3_28_0.html https://www.sqlite.org/src/info/90acdbfce9c08858
sqlite-libs CVE-2018-20346 HIGH 3.21.0-r1 3.25.3-r0 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html http://www.securityfocus.com/bid/106323 https://access.redhat.com/articles/3758321 https://blade.tencent.com/magellan/index_en.html https://bugzilla.redhat.com/show_bug.cgi?id=1659379 https://bugzilla.redhat.com/show_bug.cgi?id=1659677 https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e https://crbug.com/900910 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20346 https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/ https://news.ycombinator.com/item?id=18685296 https://security.gentoo.org/glsa/201904-21 https://sqlite.org/src/info/940f2adc8541a838 https://sqlite.org/src/info/d44318f59044162e https://support.apple.com/HT209443 https://support.apple.com/HT209446 https://support.apple.com/HT209447 https://support.apple.com/HT209448 https://support.apple.com/HT209450 https://support.apple.com/HT209451 https://usn.ubuntu.com/4019-1/ https://usn.ubuntu.com/4019-2/ https://usn.ubuntu.com/usn/usn-4019-1 https://usn.ubuntu.com/usn/usn-4019-2 https://worthdoingbadly.com/sqlitebug/ https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html https://www.oracle.com/security-alerts/cpuapr2020.html https://www.sqlite.org/releaselog/3_25_3.html https://www.synology.com/security/advisory/Synology_SA_18_61
subversion CVE-2019-0203 HIGH 1.9.7-r0 1.9.12-r0 http://subversion.apache.org/security/CVE-2019-0203-advisory.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0203 https://linux.oracle.com/cve/CVE-2019-0203.html https://linux.oracle.com/errata/ELSA-2019-2512.html https://subversion.apache.org/security/CVE-2019-0203-advisory.txt https://usn.ubuntu.com/usn/usn-4082-1 https://usn.ubuntu.com/usn/usn-4082-2
subversion-libs CVE-2019-0203 HIGH 1.9.7-r0 1.9.12-r0 http://subversion.apache.org/security/CVE-2019-0203-advisory.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0203 https://linux.oracle.com/cve/CVE-2019-0203.html https://linux.oracle.com/errata/ELSA-2019-2512.html https://subversion.apache.org/security/CVE-2019-0203-advisory.txt https://usn.ubuntu.com/usn/usn-4082-1 https://usn.ubuntu.com/usn/usn-4082-2
npm
Package Vulnerability ID Severity Installed Version Fixed Version Links
lodash CVE-2019-10744 CRITICAL 4.17.4 4.17.12 https://access.redhat.com/errata/RHSA-2019:3024 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10744 GHSA-jf85-cpcp-j695 https://nvd.nist.gov/vuln/detail/CVE-2019-10744 https://security.netapp.com/advisory/ntap-20191004-0005/ https://snyk.io/vuln/SNYK-JS-LODASH-450202 https://support.f5.com/csp/article/K47105354?utm_source=f5support&utm_medium=RSS https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpuoct2020.html
lodash CVE-2018-16487 HIGH 4.17.4 4.17.11 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487 GHSA-4xc9-xhrj-v574 https://hackerone.com/reports/380873 https://nvd.nist.gov/vuln/detail/CVE-2018-16487 https://security.netapp.com/advisory/ntap-20190919-0004/
lodash CVE-2020-8203 HIGH 4.17.4 4.17.19 GHSA-p6mc-m468-83gw https://github.com/lodash/lodash/issues/4874 https://hackerone.com/reports/712065 https://nvd.nist.gov/vuln/detail/CVE-2020-8203 https://security.netapp.com/advisory/ntap-20200724-0006/ https://www.npmjs.com/advisories/1523
lodash CVE-2021-23337 HIGH 4.17.4 4.17.21 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337 GHSA-35jh-r3h4-6jhm https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851 https://nvd.nist.gov/vuln/detail/CVE-2021-23337 https://security.netapp.com/advisory/ntap-20210312-0006/ https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929 https://snyk.io/vuln/SNYK-JS-LODASH-1040724
composer
Package Vulnerability ID Severity Installed Version Fixed Version Links
guzzlehttp/guzzle CVE-2016-5385 HIGH 6.2.0 4.2.4, 5.3.1, 6.2.1 http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html http://php.net/ChangeLog-7.php#7.0.9 http://rhn.redhat.com/errata/RHSA-2016-1609.html http://rhn.redhat.com/errata/RHSA-2016-1610.html http://rhn.redhat.com/errata/RHSA-2016-1611.html http://rhn.redhat.com/errata/RHSA-2016-1612.html http://rhn.redhat.com/errata/RHSA-2016-1613.html http://www.debian.org/security/2016/dsa-3631 http://www.kb.cert.org/vuls/id/797896 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91821 http://www.securitytracker.com/id/1036335 https://bugzilla.redhat.com/show_bug.cgi?id=1353794 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385 https://github.com/guzzle/guzzle/releases/tag/6.2.1 https://github.com/humbug/file_get_contents/releases/tag/1.1.2 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 https://httpoxy.org/ https://linux.oracle.com/cve/CVE-2016-5385.html https://linux.oracle.com/errata/ELSA-2016-1613.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/ https://security.gentoo.org/glsa/201611-22 https://usn.ubuntu.com/usn/usn-3045-1 https://www.drupal.org/SA-CORE-2016-003
pipenv
Package Vulnerability ID Severity Installed Version Fixed Version Links
django CVE-2019-19844 CRITICAL 2.0.9 3.0.1, 2.2.9, 1.11.27 http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844 https://docs.djangoproject.com/en/dev/releases/security/ GHSA-vfq6-hq5r-27r6 https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/ https://nvd.nist.gov/vuln/detail/CVE-2019-19844 https://seclists.org/bugtraq/2020/Jan/9 https://security.gentoo.org/glsa/202004-17 https://security.netapp.com/advisory/ntap-20200110-0003/ https://usn.ubuntu.com/4224-1/ https://usn.ubuntu.com/usn/usn-4224-1 https://www.debian.org/security/2020/dsa-4598 https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
django CVE-2020-7471 CRITICAL 2.0.9 3.0.3, 2.2.10, 1.11.28 http://www.openwall.com/lists/oss-security/2020/02/03/1 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7471 https://docs.djangoproject.com/en/3.0/releases/security/ GHSA-hmr4-m2h5-33qx django/django@eb31d84 https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/ https://nvd.nist.gov/vuln/detail/CVE-2020-7471 https://seclists.org/bugtraq/2020/Feb/30 https://security.gentoo.org/glsa/202004-17 https://security.netapp.com/advisory/ntap-20200221-0006/ https://usn.ubuntu.com/4264-1/ https://usn.ubuntu.com/usn/usn-4264-1 https://www.debian.org/security/2020/dsa-4629 https://www.djangoproject.com/weblog/2020/feb/03/security-releases/ https://www.openwall.com/lists/oss-security/2020/02/03/1
django CVE-2019-6975 HIGH 2.0.9 2.1.6, 2.0.11, 1.11.19 http://www.securityfocus.com/bid/106964 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6975 https://docs.djangoproject.com/en/dev/releases/security/ GHSA-wh4h-v3f2-r2pp https://groups.google.com/forum/#!topic/django-announce/WTwEAprR0IQ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/ https://nvd.nist.gov/vuln/detail/CVE-2019-6975 https://seclists.org/bugtraq/2019/Jul/10 https://usn.ubuntu.com/3890-1/ https://usn.ubuntu.com/usn/usn-3890-1 https://www.debian.org/security/2019/dsa-4476 https://www.djangoproject.com/weblog/2019/feb/11/security-releases/ https://www.openwall.com/lists/oss-security/2019/02/11/1
django CVE-2020-9402 HIGH 2.0.9 3.0.4, 2.2.11, 1.11.29 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9402 https://docs.djangoproject.com/en/3.0/releases/security/ GHSA-3gh2-xw74-jmcw https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/ https://nvd.nist.gov/vuln/detail/CVE-2020-9402 https://security.gentoo.org/glsa/202004-17 https://security.netapp.com/advisory/ntap-20200327-0004/ https://usn.ubuntu.com/4296-1/ https://usn.ubuntu.com/usn/usn-4296-1 https://www.debian.org/security/2020/dsa-4705 https://www.djangoproject.com/weblog/2020/mar/04/security-releases/
httplib2 CVE-2021-21240 HIGH 0.12.1 0.19.0 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21240 GHSA-93xj-8mrv-444m httplib2/httplib2@bd9ee25 httplib2/httplib2#182 GHSA-93xj-8mrv-444m https://nvd.nist.gov/vuln/detail/CVE-2021-21240 https://pypi.org/project/httplib2
py CVE-2020-29651 HIGH 1.8.0 1.10.0 GHSA-hj5v-574p-mj7c pytest-dev/py#256 pytest-dev/py#257 pytest-dev/py@4a9017d https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYWNYEV3FGDHPIHX4DDUDMFZ6NLCQRC4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHDTINIBJZ67T3W74QTBIY5LPKAXEOGR/ https://nvd.nist.gov/vuln/detail/CVE-2020-29651
pygments CVE-2021-20270 HIGH 2.3.1 2.7.4 https://bugzilla.redhat.com/show_bug.cgi?id=1922136 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270 GHSA-9w8r-397f-prfh https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html https://nvd.nist.gov/vuln/detail/CVE-2021-20270 https://usn.ubuntu.com/usn/usn-4885-1 https://www.debian.org/security/2021/dsa-4889
pygments CVE-2021-27291 HIGH 2.3.1 2.7.4 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291 https://gist.github.com/b-c-ds/b1a2cc0c68a35c57188575eb496de5ce GHSA-pq64-v7f5-gqh8 pygments/pygments@2e7e8c4 https://lists.debian.org/debian-lts-announce/2021/03/msg00024.html https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSJRFHALQ7E3UV4FFMFU2YQ6LUDHAI55/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSLD67LFGXOX2K5YNESSWAS4AGZIJTUQ/ https://nvd.nist.gov/vuln/detail/CVE-2021-27291 https://usn.ubuntu.com/usn/usn-4897-1 https://www.debian.org/security/2021/dsa-4878 https://www.debian.org/security/2021/dsa-4889
pyyaml CVE-2019-20477 CRITICAL 5.1 5.2 GHSA-3pqx-4fqf-j49f https://github.com/yaml/pyyaml/blob/master/CHANGES https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33VBUY73AA6CTTYL3LRWHNFDULV7PFPN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/52N5XS73Z5S4ZN7I7R56ICCPCTKCUV4H/ https://nvd.nist.gov/vuln/detail/CVE-2019-20477 https://www.exploit-db.com/download/47655
pyyaml CVE-2020-14343 CRITICAL 5.1 5.4 https://bugzilla.redhat.com/show_bug.cgi?id=1860466 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14343 GHSA-8q59-q68h-6hv4 https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation https://nvd.nist.gov/vuln/detail/CVE-2020-14343 https://usn.ubuntu.com/usn/usn-4940-1
pyyaml CVE-2020-1747 CRITICAL 5.1 5.3.1 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747 GHSA-6757-jp84-gxfx yaml/pyyaml#386 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PPAS6C4SZRDQLR7C22A5U3QOLXY33JX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMQXSZXNJT6ERABJZAAICI3DQSQLCP3D/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/ https://nvd.nist.gov/vuln/detail/CVE-2020-1747
urllib3 CVE-2019-11324 HIGH 1.24.1 1.24.2 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html http://www.openwall.com/lists/oss-security/2019/04/19/1 https://access.redhat.com/errata/RHSA-2019:3335 https://access.redhat.com/errata/RHSA-2019:3590 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11324 GHSA-mh33-7rrq-662w urllib3/urllib3@a6ec68a...1efadf4 https://linux.oracle.com/cve/CVE-2019-11324.html https://linux.oracle.com/errata/ELSA-2020-2068.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/ https://nvd.nist.gov/vuln/detail/CVE-2019-11324 https://usn.ubuntu.com/3990-1/ https://usn.ubuntu.com/usn/usn-3990-1 https://www.openwall.com/lists/oss-security/2019/04/17/3
bundler
Package Vulnerability ID Severity Installed Version Fixed Version Links
actionpack CVE-2020-8164 HIGH 5.2.3 6.0.3.1, 5.2.4.3 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00089.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00093.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00107.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8164 GHSA-8727-m6gj-mc37 https://groups.google.com/forum/#!topic/rubyonrails-security/f6ioe4sdpbY https://groups.google.com/g/rubyonrails-security/c/f6ioe4sdpbY https://hackerone.com/reports/292797 https://lists.debian.org/debian-lts-announce/2020/06/msg00022.html https://lists.debian.org/debian-lts-announce/2020/07/msg00013.html https://nvd.nist.gov/vuln/detail/CVE-2020-8164 https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released https://www.debian.org/security/2020/dsa-4766
actionpack CVE-2021-22885 HIGH 5.2.3 5.2.4.6, 5.2.6, 6.1.3.2, 6.0.3.7 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22885 GHSA-hjg4-8q5f-x6fm https://groups.google.com/g/rubyonrails-security/c/NiQl-48cXYI https://hackerone.com/reports/1106652 https://nvd.nist.gov/vuln/detail/CVE-2021-22885
activestorage CVE-2020-8162 HIGH 5.2.3 6.0.3.1, 5.2.4.3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8162 GHSA-m42x-37p3-fv5w https://groups.google.com/forum/#!msg/rubyonrails-security/PjU3946mreQ/Dn-6uLbAAQAJ https://groups.google.com/forum/#!topic/rubyonrails-security/PjU3946mreQ https://groups.google.com/g/rubyonrails-security/c/PjU3946mreQ https://hackerone.com/reports/789579 https://nvd.nist.gov/vuln/detail/CVE-2020-8162 https://www.debian.org/security/2020/dsa-4766
activesupport CVE-2020-8165 CRITICAL 5.2.3 6.0.3.1, 5.2.4.3 http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00034.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8165 GHSA-2p68-f74v-9wc6 https://groups.google.com/forum/#!msg/rubyonrails-security/bv6fW4S0Y1c/KnkEqM7AAQAJ https://groups.google.com/forum/#!topic/rubyonrails-security/bv6fW4S0Y1c https://groups.google.com/g/rubyonrails-security/c/bv6fW4S0Y1c https://hackerone.com/reports/413388 https://lists.debian.org/debian-lts-announce/2020/06/msg00022.html https://lists.debian.org/debian-lts-announce/2020/07/msg00013.html https://nvd.nist.gov/vuln/detail/CVE-2020-8165 https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released/ https://www.debian.org/security/2020/dsa-4766
json CVE-2020-10663 HIGH 2.2.0 2.3.0 http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00004.html http://seclists.org/fulldisclosure/2020/Dec/32 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10663 GHSA-jphg-qwrw-7w9g https://groups.google.com/forum/#!topic/ruby-security-ann/ermX1eQqqKA https://hackerone.com/reports/706934 https://linux.oracle.com/cve/CVE-2020-10663.html https://linux.oracle.com/errata/ELSA-2020-5724.html https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae@%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c@%3Cissues.zookeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/04/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7QL6MJD2BO4IRJ5CJFNMCDYMQQFT24BJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4TNVTT66VPRMX5UZYSDGSVRXKKDDDU5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NK2PBXWMFRUD7U7Q7LHV4KYLYID77RI4/ https://nvd.nist.gov/vuln/detail/CVE-2020-10663 https://security.netapp.com/advisory/ntap-20210129-0003/ https://support.apple.com/kb/HT211931 https://usn.ubuntu.com/usn/usn-4882-1 https://www.debian.org/security/2020/dsa-4721 https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663 https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
nokogiri CVE-2019-5477 CRITICAL 1.10.3 1.10.4 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5477 GHSA-cr5j-953j-xw5p sparklemotion/nokogiri#1915 https://github.com/tenderlove/rexical/blob/master/CHANGELOG.rdoc https://github.com/tenderlove/rexical/blob/master/CHANGELOG.rdoc#107--2019-08-06 sparklemotion/rexical@a652474 https://groups.google.com/forum/#!msg/ruby-security-ann/YMnKFsASOAE/Fw3ocLI0BQAJ https://hackerone.com/reports/650835 https://lists.debian.org/debian-lts-announce/2019/09/msg00027.html https://nvd.nist.gov/vuln/detail/CVE-2019-5477 https://security.gentoo.org/glsa/202006-05 https://usn.ubuntu.com/4175-1/ https://usn.ubuntu.com/usn/usn-4175-1
nokogiri CVE-2019-13117 HIGH 1.10.3 >= 1.10.5 http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html http://www.openwall.com/lists/oss-security/2019/11/17/2 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13117 sparklemotion/nokogiri#1943 https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285 https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1 https://groups.google.com/d/msg/ruby-security-ann/-Wq4aouIA3Q/yc76ZHemBgAJ https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/ https://oss-fuzz.com/testcase-detail/5631739747106816 https://security.netapp.com/advisory/ntap-20190806-0004/ https://security.netapp.com/advisory/ntap-20200122-0003/ https://usn.ubuntu.com/4164-1/ https://usn.ubuntu.com/usn/usn-4164-1 https://www.oracle.com/security-alerts/cpujan2020.html
nokogiri CVE-2020-7595 HIGH 1.10.3 1.10.8 http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595 GHSA-7553-jr98-vx47 sparklemotion/nokogiri#1992 https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076 https://linux.oracle.com/cve/CVE-2020-7595.html https://linux.oracle.com/errata/ELSA-2020-4479.html https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/ https://nvd.nist.gov/vuln/detail/CVE-2020-7595 https://security.gentoo.org/glsa/202010-04 https://security.netapp.com/advisory/ntap-20200702-0005/ https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08 https://usn.ubuntu.com/4274-1/ https://usn.ubuntu.com/usn/usn-4274-1 https://www.oracle.com/security-alerts/cpujul2020.html
nokogiri GHSA-7rrm-v45f-jp64 HIGH 1.10.3 1.11.4 GHSA-7rrm-v45f-jp64 GHSA-7rrm-v45f-jp64
rack CVE-2020-8161 HIGH 2.0.7 2.1.3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8161 GHSA-5f9h-9pjv-v6j7 rack/rack@dddb7ad https://groups.google.com/forum/#!msg/rubyonrails-security/IOO1vNZTzPA/Ylzi1UYLAAAJ https://groups.google.com/forum/#!topic/ruby-security-ann/T4ZIsfRf2eA https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA https://hackerone.com/reports/434404 https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html https://nvd.nist.gov/vuln/detail/CVE-2020-8161 https://usn.ubuntu.com/4561-1/ https://usn.ubuntu.com/usn/usn-4561-1 https://usn.ubuntu.com/usn/usn-4561-2
rack CVE-2020-8184 HIGH 2.0.7 2.2.3, 2.1.4 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8184 GHSA-j6w9-fv6q-3q52 https://groups.google.com/forum/#!msg/rubyonrails-security/OWtmozPH9Ak/4m00yHPCBAAJ https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak https://hackerone.com/reports/895727 https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html https://nvd.nist.gov/vuln/detail/CVE-2020-8184 https://usn.ubuntu.com/4561-1/ https://usn.ubuntu.com/usn/usn-4561-1 https://usn.ubuntu.com/usn/usn-4561-2
rake CVE-2020-8130 HIGH 12.3.2 12.3.3 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8130 GHSA-jppv-gw3r-w3q8 https://hackerone.com/reports/651518 https://lists.debian.org/debian-lts-announce/2020/02/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/523CLQ62VRN3VVC52KMPTROCCKY4Z36B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXMX4ARNX2JLRJMSH4N3J3UBMUT5CI44/ https://nvd.nist.gov/vuln/detail/CVE-2020-8130 https://usn.ubuntu.com/4295-1/ https://usn.ubuntu.com/usn/usn-4295-1
websocket-extensions CVE-2020-7663 HIGH 0.1.3 0.1.5 https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7663 GHSA-g6wq-qcwm-j5g2 faye/websocket-extensions-ruby@aa156a4 GHSA-g6wq-qcwm-j5g2 https://lists.debian.org/debian-lts-announce/2020/08/msg00031.html https://nvd.nist.gov/vuln/detail/CVE-2020-7663 https://snyk.io/vuln/SNYK-RUBY-WEBSOCKETEXTENSIONS-570830 https://usn.ubuntu.com/4502-1/ https://usn.ubuntu.com/usn/usn-4502-1
cargo
No Vulnerabilities found

Metadata

Metadata

Assignees

Labels

testspecify the issue generated by testtrivyvulnerability

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions